hyper-v: Don't error while checking for admin permissions.

builder/hyperv/common/driver_ps_4.go

@@ -301,23 +301,37 @@ func (d *HypervPS4Driver) verifyPSHypervModule() error {
 	return nil
 }
 
-func (d *HypervPS4Driver) verifyHypervPermissions() error {
-
-	log.Printf("Enter method: %s", "verifyHypervPermissions")
-
+func (d *HypervPS4Driver) isCurrentUserAHyperVAdministrator() (bool, error) {
 	//SID:S-1-5-32-578 = 'BUILTIN\Hyper-V Administrators'
 	//https://support.microsoft.com/en-us/help/243330/well-known-security-identifiers-in-windows-operating-systems
-	hypervAdminCmd := "([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole('S-1-5-32-578')"
+
+	var script = `
+$identity = [System.Security.Principal.WindowsIdentity]::GetCurrent()
+$principal = new-object System.Security.Principal.WindowsPrincipal($identity)
+$hypervrole = [System.Security.Principal.SecurityIdentifier]"S-1-5-32-544"
+return $principal.IsInRole($hypervrole)
+`
 
 	var ps powershell.PowerShellCmd
-	cmdOut, err := ps.Output(hypervAdminCmd)
+	cmdOut, err := ps.Output(script)
 	if err != nil {
-		return err
+		return false, err
 	}
 
 	res := strings.TrimSpace(cmdOut)
+	return powershell.IsTrue(res), nil
+}
+
+func (d *HypervPS4Driver) verifyHypervPermissions() error {
+
+	log.Printf("Enter method: %s", "verifyHypervPermissions")
+
+	hyperVAdmin, err := d.isCurrentUserAHyperVAdministrator()
+	if err != nil {
+		log.Printf("Error discovering if current is is a Hyper-V Admin: %s", err)
+	}
+	if !hyperVAdmin {
 
-	if res == "False" {
 		isAdmin, _ := powershell.IsCurrentUserAnAdministrator()
 
 		if !isAdmin {

common/powershell/powershell.go

@@ -17,6 +17,14 @@ const (
 	powerShellTrue  = "True"
 )
 
+func IsTrue(s string) bool {
+	return s == powerShellTrue
+}
+
+func IsFalse(s string) bool {
+	return s == powerShellFalse
+}
+
 type PowerShellCmd struct {
 	Stdout io.Writer
 	Stderr io.Writer